USNS MONTFORD POINT - Findings

Showing 1 unique vulnerabilities (1 total) (filtered) View Documentation Status (90 tracked)

V-206637 CAT II The DBMS must generate audit records when unsuccessful acces...

1 asset 1 Closed Database Security Re...

Hostname	IP Address	Status	Assigned To	Last Scan	Actions
MONT-DB-002	-			2026-03-06
Finding Details No details recorded. Comments Page 2 of reference document SQL Anywhere 17 - Auditing Options.pdf species the types of auditing events captured in the audit log. A setting of ‘all’ includes auditing of failed permission checks on objects which translates to an unsuccessful access to an object.

Check Text

Review DBMS documentation to verify that administrative users can specify database objects for which access must be audited, and can specify which kinds of access must be audited. If the DBMS is not capable of this, this is a finding. Review DBMS documentation to determine whether the application owner has specified database objects (tables, views, procedures, functions, etc.) for which access must be audited. Review the DBMS/database security and audit settings to verify that audit records are created for unsuccessful attempts at the specified access to the specified objects. If not, this is a finding.

Fix Text

Deploy a DBMS capable of producing the required audit records when object access occurs. Configure audit settings to create audit records when the specified access to the specified objects is unsuccessfully attempted.

Finding Details

Comments

Check Text

Fix Text